PRELIMINARY AMENDMENT

Assistant Commissioner for Patents
Washington, D.C. 20231

June 19, 200

Sir:

Prior to examination, please amend the above-identified 
application as follows. 

IN THE SPECIFICATION 

Please amend the specification as follows: 
Page 11, line 13, delete "What is claimed is:". 

IN THE CLAIMS 

Please amend the claims as follows:

3. (Amended) A module as claimed in Claim 1 [or Claim
2], further including a certification authority certificate.



4. (Amended) A module as claimed in [any preceding] 
Claim 1, wherein the at least one certificate is stored 
externally of said module at a remote location which is 
derivable from an address stored on said module. 

5. (Amended) A module as claimed in [any preceding] 
Claim 1, wherein the further private key is the manufacturer's 
private key. 

6. (Amended) A module as claimed in [any one of Claims] 
Claim 1 [to 4], wherein the further private key is an initial
management key, the module further having stored thereon an 
initial management certificate signed using the manufacturer's 
private key. 

7. (Amended) A method of manufacturing a tamper-evident 
wireless application protocol identity module (WIM) 

[including] comprising the [steps] step of:

storing a public-private key pair on said module 
together with a manufacturer certificate signed using a 
further private key. 






10. (Amended) A method according to [Claim 8 or] Claim 
9, wherein the manufacturer certificate is created externally 
of the module . 

11. (Amended) A method according to Claim 10 [as 
appendant to Claim 9], wherein the module is accessed to
obtain the public key to facilitate the external creation of 
the certificate. 

12. (Amended) A method as claimed in [any one of Claims]
claim 7 [to 11], wherein the further private key is the
manufacturer's private key. 

13. (Amended) A method as claimed in Claim 9, further 
comprising [including] the [additional] steps of:

storing an externally created initial management key 
pair and an initial management certificate signed using the 
manufacturer's private key on said module and

storing an internally created manufacturer 
certificate on said module wherein the further private key is 
the initial management private key. 

14. (Amended) A method of validating a tamper-evident
wireless application protocol identity module (WIM) on which 



is stored at least one public-private key pair together with a 
manufacturer certificate signed using a further private key, 
the method [including] comprising the step of:

querying a public directory to obtain a public key 
certificate with which to verify the signature generated by 
the further private key. 

15. (Amended) A method of validating the identity of a
communication terminal for conducting transactions on the 
network comprising the steps of: 

establishing the identity of a user of the terminal 
connected to the network 

interrogating the terminal to obtain a public key of 
a public-private key pair stored on the terminal [,];

confirming the authenticity of a certificate signed
by the module manufacturer supporting the public key; and

subsequently issuing a further certificate for the 
public key which certificate is available to support 
transactions with the terminal over the network. 

19. (Amended) A method of satisfying an identity module 
issuer of the provenance of an identity module for use in
transactions on a network comprising the steps of: [comprises 
the issuer] 




approving, by the issuer, a manufacturing process of
the module manufacturer; [and having]

storing, by the manufacturer, [store] a manufacturer
certificate signed securely by the manufacturer on a module 
produced in accordance with the approved process [, wherein 
on] ; and 

upon connection to the network of a terminal 
containing a module, verifying the signature [is verified] to 
determine whether it is the manufacturer's signature.

20. (Amended) A method as claimed in Claim 19, wherein 
the manufacturer certificate is signed using the
manufacturer's private key such that on connection to the 
network a public key certificate is obtained with which to 
verify the signature. 

21. (Amended) A method as claimed in Claim 19 [or Claim 
20], wherein the verification of the signature is carried out
by the issuer. 

22. (Amended) A method as claimed in [any one of Claims]
claim 19 [to 21], wherein following successful verification of
a signature, a further public key certificate is made 






available to support transactions with the terminal, the 
public key having been stored in the manufacturer certificate. 

Please add new claims 23-39 as follows: 

23. A module as claimed in Claim 2, further including a 
certification authority certificate. 

24. A module as claimed in Claim 2, wherein the at least 
one certificate is stored externally of said module at a 
remote location which is derivable from an address stored on 
said module. 

25. A module as claimed in Claim 3, wherein the at least 
one certificate is stored externally of said module at a 
remote location which is derivable from an address stored on 
said module. 

26. A module as claimed in Claim 2, wherein the further 
private key is the manufacturer's private key. 

27. A module as claimed in Claim 3, wherein the further 
private key is the manufacturer's private key. 
28. A module as claimed in Claim 4, wherein the further
private key is the manufacturer's private key. 

29. A module as claimed in Claim 2, wherein the further 
private key is an initial management key, the module further 
having stored thereon an initial management certificate signed 
using the manufacturer's private key. 

30. A module as claimed in Claim 3, wherein the further 
private key is an initial management key, the module further 
having stored thereon an initial management certificate signed 
using the manufacturer's private key. 

31. A module as claimed in Claim 4, wherein the further 
private key is an initial management key, the module further 
having stored thereon an initial management certificate signed 
using the manufacturer's private key. 

32. A method according to Claim 8, wherein the 
manufacturer certificate is created externally of the module. 

33. A method as claimed in claim 8, wherein the further 
private key is the manufacturer's private key. 
34. A method as claimed in claim 9, wherein the further
private key is the manufacturer's private key. 



35. A method as claimed in claim 10, wherein the further 
private key is the manufacturer's private key. 

36. A method as claimed in claim 11, wherein the further 
private key is the manufacturer's private key. 

37. A method as claimed in Claim 20, wherein the 
verification of the signature is carried out by the issuer. 



38. A method as claimed in claim 20, wherein following 
successful verification of a signature, a further public key 
certificate is made available to support transactions with the 
terminal, the public key having been stored in the 
manufacturer certificate.



39. A method as claimed in claim 21, wherein following 
successful verification of a signature, a further public key 
certificate is made available to support transactions with the 
terminal, the public key having been stored in the 
manufacturer certificate.-- 




REMARKS 



Entry of the above amendments prior to examination is 
respectfully requested. 

Please charge any shortage in fees due in connection with 
the filing of this paper, or credit any overpayment of fees, 
to the deposit account of Antonelli, Terry, Stout & Kraus,
LLP, Deposit Account No. 01-2135 (367.38672X00).



Respectfully submitted, 



ANTONELLI, TERRY, STOUT & KRAUS, LLP 




CIB/jdc 
(703) 312-6600 
WIM manufacturer certificate

PAT 99415 US

Background of the invention

The present invention relates to a security method using asymmetric key cryptography, particularly, although not exclusively, for use with a wireless application protocol identity module.

Asymmetric or public-key cryptography, as is now well known, utilises a private key to which only a user has access and a public key, which may be published or distributed on request for the use of those wishing to communicate with the user. A third party wishing to communicate with the user will first obtain a certificate bearing the user's public key, which may be obtained from a certification authority (CA). The third party is then able to encrypt a message using the user's public key for subsequent decryption by the user using his private key. The approach means that a pair of users can communicate using their own key pairs without ever having to exchange their private keys. However, in practice the computational effort required to encrypt data is such that it is rarely suitable for large messages.

However, the technique is suitable for authentication, non-repudiation and integrity services. As such, the technique is particularly suited and has been adopted for use in the Wireless Application Protocol (WAP), for example. WAP is an industry-wide specification for developing applications that operate over wireless communication networks. For reference purposes, the WAP specifications are published by the Wireless Application Protocol Forum Ltd. and presently available at http://www.wapforum.org.
The requirement for authentication, non-repudiation and integrity services is one which is particularly relevant to the needs of e-commerce and in particular Financial Service Providers (FSPs), e.g. banks. Traditionally, goods and services have been purchased using physical objects, whether coinage, notes, cheques, credit and charge cards and the like. This has provided the vendor with the opportunity to assess whether the payment is genuine. For example, in the case of notes this may take the form of the feel of the paper, whilst a visual inspection of the hologram and signature on a credit card may suffice. In the case of telephone payment using a credit card, or indeed a store purchase, the assessment may include checking the card number against a stop list. However, with the advent of e-commerce and in particular the opportunity for cashless transactions based on data held in an individual communication terminal such as a mobile telephone, there exists the problem of assessing a transaction where the parties are unable to carry out physical checks. Thus, it has been proposed to utilise the technique set out above to assist in such transactions. To provide security for the private keys used to provide WAP client authentication, electronic signatures and the like, it has been found necessary to utilise a tamper-resistant device. This device is known as a WAP identity module (WIM). The WIM is used especially to store and process information needed for user identification and authentication. Typically, a WIM might be implemented as a smart card. In the case of a mobile telephone, the WIM could form part of the Subscriber Identity Module (SIM) card or perhaps an external smart card.

Nevertheless, there remains a significant further problem of security, namely forgery and fraud in relation to the manufacture of the WIM itself. It is an aim of the present invention to guard against forgery and fraud in relation to the manufacture of a WIM. It is a further aim of the present invention to provide a method of establishing … in the security of a WIM manufactured according to a range of techniques.
Summary of the Invention

Thus, according to a first aspect of the present invention, there is provided a tamper evident wireless application protocol identity module (WIM) including stored thereon a public-private key pair and a manufacturer certificate, wherein the manufacturer certificate contains a set of fields holding data relating to said key pair, the certificate being signed using a further private key.

Preferably the manufacturer certificate is signed using the manufacturer's private key, although in circumstances where the module is distributed to a user prior to the creation of a manufacturer certificate, it is necessary to store an initial management certificate and associated signature using an initial management private key in order to provide means for validating the signature applied to the manufacturer certificate.

According to another aspect of the present invention, there is provided a method of manufacturing a tamper-evident wireless application protocol identity module (WIM) including the steps of storing a public-private key pair on said module together with a manufacturer certificate signed using a further private key.

Again, the manufacturer certificate is preferably signed using the manufacturer's private key, although in circumstances where the module is distributed to a user prior to the creation of a manufacturer certificate, it will be necessary to include the further step of storing an initial management certificate and associated signature using an initial management private key in order to provide means for validating the signature applied to the manufacturer certificate.
In accordance with a further aspect of the present invention, there is provided a method of validating a tamper-evident wireless application protocol identity module (WIM) on which is stored at least one public-private key pair together with a manufacturer certificate signed using a further private key, the method including the step of querying a public directory to obtain a public key certificate with which to verify the signature generated by the further private key.

Where the certificate is generated after distribution to a user, it will be necessary to query both the signature generated by the further private key, and the manufacturer's private key. In this case, the further private key is one part of a public-private key pair created by the manufacturer as an initial management key-pair whose corresponding certificate is signed using the manufacturer's private key.

In accordance with a still further aspect of the invention, there is provided a method of validating the identity of a communication terminal for conducting transactions on a network comprising establishing the identity of a user of the terminal connected to the network, interrogating the terminal to obtain a public key of a public-private key pair stored on the terminal, confirming the authenticity of a certificate signed by the module manufacturer supporting the public key and subsequently issuing a further certificate for the public key, which certificate is available to support transactions with the terminal over the network.

Preferably, the network service provider may carry out the authentication of the manufacturer certificate. Advantageously, at least the private key is stored on a tamperproof module which may be integrated with a Subscriber Identity Module (SIM) located in the terminal.
In accordance with yet another aspect of the invention, there is provided a communications device having stored thereon a plurality of certificates supporting security operations including authentication and non-repudiation, and further including a manufacturer certificate stored on a tamper evident module, wherein the manufacturer certificate contains a set of fields holding data relating to a public-private key pair for application layer security, at least the private key being stored on said module, the manufacturer certificate being signed using a further private key.

Whilst, in accordance with a still further aspect of the invention, there is provided a method of satisfying an identity module issuer of the provenance of an identity module for use in transactions on a network which comprises the issuer approving a manufacturing process of the module manufacturer and having the manufacturer store a manufacturer certificate signed securely by the manufacturer on a module produced in accordance with the approved process, wherein on connection to the network of a terminal containing a module, the signature is verified to determine whether it is the manufacturer's.

Brief Description of the Drawings

In order to aid in understanding the present invention, a number of embodiments thereof will now be described by way of example and with reference to the accompanying drawings, in which:

Figure 1a is a table illustrating the contents of a manufacturer certificate generated in accordance with the method of the present invention;

Figure 1b is a table illustrating the key usage indicators forming part of the contents of the manufacturer certificate of Figure 1a;
Figure 2 is a flowchart of the steps involved in creating a WIM containing the manufacturer certificate of Figure 1 according to a first embodiment of the invention;

Figure 3 is a flowchart of the steps involved in creating a WIM containing the manufacturer certificate of Figure 1 according to a second embodiment of the invention; and

Figure 4 is a flowchart of the steps involved in creating a WIM containing the manufacturer certificate of Figure 1 according to a third embodiment of the invention.

Detailed Description of the Invention

Referring firstly to Figure 1a, the table shows the contents of a Wireless Application Protocol (WAP) Identity Module (WIM) manufacturer certificate 1 that is made up of a number of fields 2 which serve to identify the certificate 1 by reference to a serial number 3, the issuer or manufacturer 4, the first and last dates of the validity of the certificate 5, 6, the nature of a private-public key pair covered by the certificate and finally the public key itself 8.

In addition to storing the manufacturer certificate 1, the WIM may also store further certificates to be used, for example, in Secure Sockets Layer (SSL) and Transport Layer Security (TLS) client authentication and also for signing Secure Multi-purpose Internet Mail Extensions (S/MIME) messages. Furthermore, the WIM may store trusted Certification Authority (CA) certificates to enable authentication of SSL, TLS servers and downloaded Java applications, for example. Such certificates may be stored by the WIM issuer or at a later time by the …. Where the available space on the WIM is insufficient or unavailable, rather than storing the further certificates on the module, they may be found by reference to a Universal Resource Location (URL) stored on the WIM.
Figure 1b further defines the types of use to which a particular key pair may be put. Thus a key pair may be used in non-repudiation 9, by which is meant the intrinsic feature of asymmetric cryptography of a user being unable to repudiate a previously authenticated message because, unlike private key systems, the user has the sole responsibility for protecting his private key. A key pair may be used in the generation of a digital signature 10 which permits the authentication of documents and handshakes such as used in the wireless transport layer specification (WTLS) of WAP. A key pair may also be used in a key agreement 11 to negotiate a secret, using a Diffie-Hellman scheme. Finally, a key pair may be used for decryption or unwrapping 12 of a key that is needed when an application installed in a communication terminal such as a mobile telephone handset receives a message key enciphered with a public key that corresponds to a private key in the WIM. The application sends the wrapped key to the WIM. The WIM deciphers it using the private key and returns the unwrapped key to the application so that it can then be used to decipher the attached message.

Referring now to Figure 2, the flowchart sets out the steps according to which, in one embodiment of the invention, a WIM containing a manufacturer certificate 1 is created during the manufacture of a WIM prior to supply to a user. Firstly, a key pair is generated 13 outside the WIM and then saved 14 on a WIM, which may be integrated with a SIM card for use with a communications terminal such as a mobile telephone handset or as a dedicated smartcard for use with such a terminal. Any record of the key pair existing outside the WIM must then be deleted 15. A manufacturer certificate containing the information described above is then created 16 externally of the WIM and signed 17 using the manufacturer's private key before being saved 18 onto the WIM. In a non-illustrated variant of the above method, rather than save the manufacturer certificate directly onto the WIM, a URL address pointing to the location of the certificate may be stored on the WIM, thereby reducing the memory requirement of the WIM. It is important to recognise that in the above-described method there is no need for the WIM to support either the creation of a key pair or the creation of a manufacturer certificate.

With reference to Figure 3, the WIM manufacturer certificate is again created during the manufacture of a WIM before supply to a user. In this embodiment the WIM is provided with the functionality necessary to allow it to create a key pair internally 17 and then to permit the public key to be accessed 18 for the external generation 19 of a manufacturer certificate which is signed 20 using the manufacturer's private key. The manufacturer certificate (Figure 1a) is then saved 21 onto the WIM, although in a non-illustrated variant, rather than save the manufacturer certificate directly onto the WIM, a URL address pointing to the location of the certificate may be stored on the WIM, thereby reducing the memory requirement of the WIM. The fact that the key pair is generated within the WIM enhances the security of the method.

Finally, with respect to Figure 4, this embodiment relates to the internal generation of a manufacturer certificate by a WIM once in the possession of a user. In this method, it is necessary first to generate 22 an initial management key pair outside the WIM and to save 23 this key pair, together with a corresponding initial management certificate signed 24 using the manufacturer's private key, on the WIM. The initial management key pair will provide only limited functionality inasmuch as it can only be used merely to certify a key pair generated by the WIM and thus is not capable of providing any of the functionality described above in relation to Figure 1b. The WIM may then be distributed to a user whereupon the user issues an instruction or, perhaps more usefully, following receipt of an external instruction, such as an over the air Push (OTA-Push), the WIM creates 25 a key pair internally, following which the WIM generates 26 a corresponding manufacturer certificate signed 27 using the initial management private key. Clearly, for an external party to be satisfied of the legitimacy of a manufacturer certificate signed in this manner it will be necessary, in addition to the validation process set out below and applicable to all the embodiments set out herein, for that party also to validate the initial management certificate signed 24 using the manufacturer's private key set out below.



Thus, following the manufacturing processes set out above, in each case it is necessary to validate the WIM before it can be utilised in commercial transactions by the communications device. Hence, the Certification Authority, namely the FSP that issues the WIM, i.e. on whose funds the user depends, must first be assured that the WIM has been produced by a manufacturer with whom have previously been agreed production processes which meet the requirements of the FSP to counter fraud, forgery and the like.

Most conveniently, the Certification Authority may delegate the task of validating a new user to a Registration Authority (RA) with which it has a trusted relationship. As the communication device in which the WIM is contained forms part of a network, the CA may delegate the network service provider as the RA. Thus to permit commercial transactions, the user will make a call to the RA during which the WIM public key 8 associated with the private key stored in the WIM is extracted and the identity of the user is confirmed by the RA in a known manner such as through an enquiry for personal data, e.g. mother's maiden name or a single use password. The RA also authenticates the manufacturer signature on the certificate (Figure 1a) containing the WIM public key 8. Accordingly, the RA obtains the manufacturer public key from a further certificate signed by a CA, in this case the FSP. Assuming the signature can be authenticated, i.e. the CA has not revoked or suspended the certificate covering the manufacturer public key, then the RA can issue a digital certificate for the WIM public key 8. This public-key certificate is then placed in a repository where it is available to the public for use in supporting commercial transactions.

Clearly, should the validation process fail then it will be known that the WIM is possibly a forgery. Furthermore, where, for whatever reason, the CA has withdrawn support from the manufacturer it will be necessary only to inform the RA, through suspending or revoking the relevant certificate covering the manufacturer public key, to prevent validation of the WIM. A possible reason for the CA withdrawing support for a manufacturer could include a breakdown in the security protocols at the manufacturing location on which the approval of the manufacturer was originally based.

It will be clear from the above that all the steps carried out by the RA could be undertaken by the CA itself. However, the fact that the network service provider has easy access to the communication device simplifies the process of validation. Also, through the usual network processes, for example the transfer of International Mobile Subscriber Identity (IMSI) and Temporary Mobile Subscriber Identity (TMSI) codes, the network provides the benefit of revealing the nature of the device in which the WIM is installed. This information can prove useful to the FSP in determining the capability of the device to deal with different transactional services.

It will be recognised in addition to the foregoing that the existence of a manufacturer certificate on the WIM, or an address at which it might be found, can provide confidence to a Certification Authority (CA) that the key pair associated with that manufacturer certificate (Figure 1a) has been securely placed on the WIM. Such confidence will, of course, stem from the fact that the CA can identify the manufacturer of the WIM and, hopefully, be assured of the integrity of their key pair generation. Clearly, once the CA is confident of the integrity of the key pair it is in a position to issue a certificate certifying the identity of the WIM user for the subsequent use of those wishing to communicate with said user. As has been stated previously, in practice, the CA will verify the manufacturer certificate by firstly accessing a certificate containing the manufacturer's own public key. This public key can then be used to verify the manufacturer certificate itself. Furthermore, the manufacturer may well have a single CA certificate to certify all key pairs, or it may have a top CA for certification of intermediate CAs that certify actual key pairs. A top CA used by a particular manufacturer may itself be certified by a third party CA that also certifies the top CA of other manufacturers. Such a hierarchy of certification facilitates the secure distribution of the top CA certificates of different manufacturers.
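The manufacturing flows of Figures 2 to 4 and the validation carried out by the RA, written out as an added example (not code from the patent, which contains none). Go's standard crypto/x509 library stands in for the certificate format of Figure 1a; the FSP acts as the Certification Authority that has certified the manufacturer's key; the party names, serial numbers, ECDSA P-256 keys and the choice of the FSP key to sign the certificate issued for the WIM public key are all assumptions of the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func check(err error) {
	if err != nil {
		panic(err)
	}
}

func newKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	check(err)
	return k
}

// issue signs tmpl over pub with the signer's private key; parent == tmpl gives a self-signed root.
func issue(tmpl, parent *x509.Certificate, pub interface{}, signer *ecdsa.PrivateKey) *x509.Certificate {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	check(err)
	cert, err := x509.ParseCertificate(der)
	check(err)
	return cert
}

// template carries the Figure 1a fields (serial 3, validity 5 and 6; issuer 4 comes from the parent,
// public key 8 is supplied at signing) and the Figure 1b usages: non-repudiation 9, digital
// signature 10, key agreement 11, unwrapping 12. Subject names and serials are constructed values.
func template(serial int64, subject string, isCA bool) *x509.Certificate {
	usage := x509.KeyUsageContentCommitment | x509.KeyUsageDigitalSignature | x509.KeyUsageKeyAgreement | x509.KeyUsageKeyEncipherment
	if isCA { // a certifying key only signs other certificates
		usage = x509.KeyUsageCertSign
	}
	return &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: subject},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(365 * 24 * time.Hour),
		BasicConstraintsValid: true,
		IsCA:                  isCA,
		KeyUsage:              usage,
	}
}

type Scenario struct {
	FSPKey, ManKey, WIMKey              *ecdsa.PrivateKey // the issuer acting as CA, the manufacturer, the module
	FSPRoot, ManCert, InitMgmt, WIMCert *x509.Certificate // ManCert covers the manufacturer public key; InitMgmt is Figure 4 only
}

// BuildScenario follows the manufacturing flows: the manufacturer's key signs the module's
// certificate (Figures 2 and 3) or, with initialManagement, an initial management key
// certified by the manufacturer signs a certificate the module creates itself (Figure 4).
func BuildScenario(initialManagement bool) *Scenario {
	s := &Scenario{FSPKey: newKey(), ManKey: newKey(), WIMKey: newKey()}
	root := template(1, "FSP root CA", true)
	s.FSPRoot = issue(root, root, &s.FSPKey.PublicKey, s.FSPKey)
	s.ManCert = issue(template(2, "WIM manufacturer", true), s.FSPRoot, &s.ManKey.PublicKey, s.FSPKey)
	signerCert, signerKey := s.ManCert, s.ManKey // steps 16-17 / 19-20: the manufacturer signs directly
	if initialManagement {
		signerKey = newKey()
		im := template(4, "initial management key", true)
		im.MaxPathLen, im.MaxPathLenZero = 0, true // may certify the module's own key pair only
		s.InitMgmt = issue(im, s.ManCert, &signerKey.PublicKey, s.ManKey) // step 24
		signerCert = s.InitMgmt                                           // steps 26-27 below
	}
	s.WIMCert = issue(template(3, "WIM 0001", false), signerCert, &s.WIMKey.PublicKey, signerKey)
	return s
}

// ValidateAndIssue is the RA's check: authenticate the signature(s) over the module's certificate
// back to the FSP root, refuse if the CA has suspended or revoked the certificate covering any
// signing key, then issue the further certificate for the WIM public key that is placed in the
// public repository (that the FSP key signs it is an assumption).
func ValidateAndIssue(s *Scenario, revokedSerials map[int64]bool) (*x509.Certificate, error) {
	roots, inters := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(s.FSPRoot)
	inters.AddCert(s.ManCert)
	if s.InitMgmt != nil {
		inters.AddCert(s.InitMgmt)
	}
	chains, err := s.WIMCert.Verify(x509.VerifyOptions{Roots: roots, Intermediates: inters,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}})
	if err != nil {
		return nil, fmt.Errorf("manufacturer signature not authenticated: %w", err)
	}
	for _, c := range chains[0][1:] { // every signer above the module's certificate
		if revokedSerials[c.SerialNumber.Int64()] {
			return nil, fmt.Errorf("CA has withdrawn support: %q is revoked", c.Subject.CommonName)
		}
	}
	return issue(template(100, "WIM user", false), s.FSPRoot, s.WIMCert.PublicKey, s.FSPKey), nil
}

func main() {
	cert, err := ValidateAndIssue(BuildScenario(true), nil) // Figure 4 flow, nothing revoked
	fmt.Println(cert != nil, err)
}
```

Revocation is modelled as the set of serial numbers the CA has revoked or suspended, checked against every certificate above the module's in the verified chain, so withdrawing support from the manufacturer (or from a Figure 4 initial management key) blocks validation of every module signed under it, as the description requires. The initial management certificate is given a path length of zero because the description limits that key to certifying the module's own key pair, and a Figure 4 module whose initial management certificate is not presented to the RA fails validation, matching the requirement that the party validate that certificate as well.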



What is claimed is:
1. A tamper evident wireless application protocol identity module (WIM) including stored thereon a public-private key pair and a manufacturer certificate, wherein the certificate contains a set of fields holding data relating to said key pair, the certificate being signed using a further private key.

2. A module as claimed in Claim 1, wherein the public key is held within a field of said certificate.

3. A module as claimed in Claim 1 or Claim 2, further including a certification authority certificate.

4. A module as claimed in any preceding Claim, wherein the at least one certificate is stored externally of said module at a remote location which is derivable from an address stored on said module.

5. A module as claimed in any preceding Claim, wherein the further private key is the manufacturer's private key.

6. A module as claimed in any one of Claims 1 to 4, wherein the further private key is an initial management key, the module further having stored thereon an initial management certificate signed using the manufacturer's private key.

7. A method of manufacturing a tamper-evident wireless application protocol identity module (WIM) including the steps of storing a public-private key pair on said module together with a manufacturer certificate signed using a further private key.

8. A method according to Claim 7, wherein the key pair is created externally of said module.

9. A method according to Claim 7, wherein the key pair is created internally of said module.

10. A method according to Claim 8 or Claim 9, wherein the manufacturer certificate is created externally of the module.

11. A method according to Claim 10 as appendant to Claim 9, wherein the module is accessed to obtain the public key to facilitate the external creation of the certificate.

12. A method as claimed in any one of Claims 7 to 11, wherein the further private key is the manufacturer's private key.

13. A method as claimed in Claim 9, including the additional steps of storing an externally created initial management key pair and an initial management certificate signed using the manufacturer's private key on said module, and storing an internally created manufacturer certificate on said module wherein the further private key is the initial management private key.

14. A method of validating a tamper-evident wireless application protocol identity module (WIM) on which is stored at least one public-private key pair together with a manufacturer certificate signed using a further private key, the method including the step of querying a public directory to obtain a public key certificate with which to verify the signature generated by the further private key.

15. A method of validating the identity of a communication terminal for conducting transactions on a network comprising establishing the identity of a user of the terminal connected to the network, interrogating the terminal to obtain a public key of a public-private key pair stored on the terminal, confirming the authenticity of a certificate signed by the module manufacturer supporting the public key and subsequently issuing a further certificate for the public key which certificate is available to support transactions with the terminal over the network.

16. A method as claimed in Claim 15, wherein the network service provider carries out the authentication of the manufacturer certificate.

17. A communications device having stored thereon a plurality of certificates supporting security operations including authentication and non-repudiation, and further including a manufacturer certificate stored on a tamper evident module, w
herein the manufacturer certificate contains a set of fields holding data relating to a public-private key pair for application layer security, at least the private key being stored on said module, the manufacturer certificate being signed using a further private key.

18. A device as claimed in Claim 17, wherein at least one certificate supporting security operations is stored externally of said device at a remote location which is derivable from an address stored on said device.

19. A method of satisfying an identity module issuer of the provenance of an identity module for use in transactions on a network comprises the issuer approving a manufacturing process of the module manufacturer and having the manufacturer store a manufacturer certificate signed securely by the manufacturer on a module produced in accordance with the approved process, wherein on connection to the network of a terminal containing a module, the signature is verified to determine whether it is the manufacturer's.

20. A method as claimed in Claim 19, wherein the manufacturer certificate is signed using the manufacturer's private key such that on connection to the network a public key certificate is obtained with which to verify the signature.

21. A method as claimed in Claim 19 or Claim 20, wherein the verification of the signature is carried out by the issuer.

22. A method as claimed in any one of Claims 19 to 21, wherein following successful verification of a signature, a further public key certificate is made available to support transactions with the terminal, the public key having been stored in the manufacturer certificate.
Abstract

Apparatus and a method for enhancing the security of a wireless application protocol identity module (WIM) is disclosed in which a manufacturer certificate (1) is stored on the module which permits a third party such as a Certification Authority to have confidence in the security precautions taken during the creation and storage of a public-private key pair on the module.